General Feedback

Do you have an idea or suggestion based on your experience with Windows Server? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Windows Server customer. All of the feedback you share in these forums is monitored and reviewed by the Microsoft engineering teams responsible for building Windows Server. Suggestions can apply to both released and Technical Preview versions of Windows Server.

2. Requests for feature changes around the end-user experience, such as desktop shell, start menu, individual consumer apps, etc. must be provided through the Windows 10 Feedback Hub tool. We have no ownership of these types of non-Windows Server components.

3. This forum (General Feedback) is used for any broad feedback related to Windows Server. Feedback for specific areas like Storage, Networking, Virtualization, Nano Server, etc., should be provided in one of the forums available on the right. It is not for bug filings. If you find a bug with Windows Server please open a support case at https://support.microsoft.com and report it – these cases are free.

In the Windows Desktop client (Remote Desktop for WVD), there appears to be a limit of 15 characters in a connection name before it gets truncated and ... is added. This causes names to be indistinguishable if they are long, and a primary descriptor is at the end. For example:
CompanyName-Department-Prod-EastUS
CompanyName-Department-Prod-WestUS
CompanyName-Department-Prod-NorEuro
CompanyName-Department-Dev-SouthEast
etc...

The only way to see the available connections is by icon. Add functionality in the Windows Desktop client for list view, and functionality to configure a default.

Try to establish Remote Desktop Connection from a computer in one forest to a computer in another forest, with an account that is a member of “Protected Users” security group. The connection will fail if the computer (from where you’re trying to establish RDP connection) does not have “RC4HMACMD5” kerberos encryption type enabled (i.e. it only has “AES256HMACSHA1” enabled).

On the other hand, if the user that is trying to establish Remote Desktop Connection is using an account that is NOT a member of “Protected Users” security group, and only AES kerberos encryption types are enabled on the computer from where the connection is initiated (i.e. “RC4HMACMD5” is not enabled), the connection would be established because after kerberos authentication would fail, the account would be authenticated using NTLM, which is even worse.

Please fix this!

We must be able to authenticate and connect to another forest (of course, it the trust exist) with Kerberos using AES. Using RC4 is not acceptable, and NTLM is even worse.

Establish a two-way forest trust.

Try to establish Remote Desktop Connection from a computer in one forest to a computer in another forest, with an account that is a member of “Protected Users” security group. The connection will fail if the computer (from where you’re trying to establish RDP connection) does not have “RC4HMACMD5” kerberos encryption type enabled (i.e. it only has “AES256HMACSHA1” enabled).

On the other hand, if the user that is trying to establish Remote Desktop Connection is using an account that is NOT a member of “Protected Users” security group, and only AES…

We have two-way forest trust established and would like to manage group policy for both forests from one server.

On a member server where Group Policy Management console is installed, these encryption types are enabled in “Network security: Configure encryption types allowed for Kerberos“:
AES256HMACSHA1
Future encryption types

When I try to add another forest to Group Policy Management console (open “Group Policy Management” console, right click on “Group Policy Management”, click on “Add forest…”, enter domain name and then click “OK”), a message “Access is denied.” pops up.

If I enable “RC4HMACMD5” on the server where Group Policy Management console is installed, I can add a forest in Group Policy Management console without any errors.

Please fix this. I don't like having legacy cypher (RC4) enabled just to be able to manage group policy from two different forests.

We have two-way forest trust established and would like to manage group policy for both forests from one server.

On a member server where Group Policy Management console is installed, these encryption types are enabled in “Network security: Configure encryption types allowed for Kerberos“:
AES256HMACSHA1
Future encryption types

When I try to add another forest to Group Policy Management console (open “Group Policy Management” console, right click on “Group Policy Management”, click on “Add forest…”, enter domain name and then click “OK”), a message “Access is denied.” pops up.

legacy systems needs to go to cloud

why container? 1nd

Large systems with decades of code written, composed by 3rd party components can not be changed right away. So containerizing monoliths, are one important step on the jorney to the cloud

why container? 2st

I'm newbie, but as far as I know, the whole thing about containers is ship it as image once and run it everywhere, with environment isolation and integrity.. right?!

the issue

There is no way to properly set globalization settings like Time Zone, Language, or Windows-Location on Server Core containers. Once I can not control the container host, I don't know where my software will run: Azure AKS, AWS, On-Prem, data centers, Windows Desktops,..
So, I need to ensure some container environment settings..

the feeling

I'm very sad.. Microsoft should realize that globalization settings like language and time zone are fundamental to keep the world running..

Otherwise, Windows Server on container is useless, and if you have an OS useless for containers, what do you have?!

I want to go to cloud, I want to go with Windows platform, please don't stop me...

The archive (16MB) expands out to ~3GB, and each of the ~500 files in the repository is listed within the metadata archive 65,535 times.

When processed by a repository manager like Red Hat Satellite this causes the underlying Pulp & Python processes to go nuts, consume 100% of server memory and swap space before dying due to an Out of Memory error.

Other repositories on packages.microsoft.com (like Visual Studio Code) are not currently affected by this issue.

broadcast windowsserverlist oninternet, let all age of student set windows server option in operatesystem manager(mmc) for learning all windows system version.
在互联网广播传播windows服务列表，让所有年龄的学生在windows系统管理器中设置服务选项，通过这种方式学习所有版本的windows系统.

Given that the Server Essentials Feature has now been deprecated and is only available safely until Server 2016 goes out of support, why not make at least the Client Backup Service from the Server Essentials Feature available as an additional cost addon (to make it viable to support) OR make it Open Source so that at least this important feature of WSE can continue. Those alternatives available with the deduplication capabilities included (such as those from Acronis) are simply too costly for home and SOHO users!

Currently, when using the DNS Policy capability added in Windows Server 2016 and above, the policies and client subnets are not replicated to all AD integrated DNS servers, as this information is not stored in the directory even if the zone is AD integrated. This causes configuration drift, requires custom scripting to propagate across all DNS servers, etc. currently. Please add this information into the directory so that it's automatically replicated, like the zone scopes are.

I have a number of 2016 servers. It seems like 99% of them fail when doing automatic updates. I am able to install them manually by going through sconfig and selecting option 6 but it takes FOREVER. During installation, the CPU or Memory isn't maxed out at 100% so I have no idea what is causing it to take forever. All other previous versions of Windows run and install updates just fine in the same VMware environment.

Get-ADFSRelyingPartyTrust should export a completed powershell script for Add-ADFSRelyingPartyTrust, this will solve your import issue, and make it easy for people to migrate servers, or even automate relying party migrations.

on a fresh installed and fully patched Windows Server 2019 Std if I enable RDSH role the Windows Search stops working.

Windows Search service looks good and eventlog shows no errors but Indexing Options shows no locations enabled for indexing and I am unable to add them

Things I have already tried

1 - Windows Search service restart

2 - Server restart

3 - Rebuild Index

4 - Enable Windows Search feature

5 - DISM ad SFC

6 - Windows Troubleshoot - shows incorrect permission on C:\ProgramData\Microsoft\Search\Data folder but is unable to fix them. If I manually fix those permissions, search still not works adn permission are automatically reset to previous not working ones

Thank you in advance for help

UPDATE:

Uninstalling RDSH role fix the issue. Unfortunatelly I need both RDSH and Windows Search

I have been fighting task scheduler for a while and have determined that there is most definitely an issue with task scheduler

we have a batch file that calls an executable.
We can run that batch file from the file explorer and we can watch with a ui and see all the different actions being taken, typically about 120 lines of actions. and this typically takes about a minute and a half to run.

When we put that same batch file in task scheduler and run it on maybe a reocurrance of every 10 minutes, task scheduler starts the task, the task completes 20 actions prior to prematurely ending the task at 5 minutes with no error log, no logs in even viewer, no errors in history, no nothing, but we can clearly see that for one reason or another task scheduler slows down the batch files execution from like 120 actions in a minute and a half to 20 actions in 5 minutes. and then doesn't even complete the task before ending.

This is a horrendous problem, imagine a backup job... and it slows the backup then kills it after 5 min. That would be very detrimental.

we also decided that since it's a batch file calling an executable that we can simply just call the executable instead, so we did... with the exact same result. Running the executable from file explorer ran all 120 actions in about a minute and a half, running it from task scheduler ran about 20 actions in 5 minutes and died at 5 minutes saying the task was complete even though it was not complete.

This absolutely needs to be fixed.

I have been fighting task scheduler for a while and have determined that there is most definitely an issue with task scheduler

we have a batch file that calls an executable.
We can run that batch file from the file explorer and we can watch with a ui and see all the different actions being taken, typically about 120 lines of actions. and this typically takes about a minute and a half to run.

When we put that same batch file in task scheduler and run it on maybe a reocurrance of every 10 minutes, task scheduler starts the task,…